<?php
require_once("../resources/commons.php");
require_once("../data/User.php");
require_once("HTML/QuickForm/Controller.php");
require_once("HTML/QuickForm/Action/Display.php");
require_once("HTML/QuickForm/Action/Submit.php");
require_once("HTML/QuickForm/text.php");
require_once("HTML/QuickForm/password.php");
require_once("HTML/QuickForm/submit.php");
require_once("HTML/QuickForm/hidden.php");
require_once("../plugins/extension_plugin.php");

/**
 * Login form
 */
class LoginPage extends HTML_QuickForm_Page{
    function buildForm(){
        $this->_formBuilt = true;

		$l_loginInput=new HTML_QuickForm_text("login");
		$l_loginInput->setLabel("Login (e-mail) :");
		$this->addElement($l_loginInput);
		$l_passwordInput=new HTML_QuickForm_password("password");
		$l_passwordInput->setLabel("Password :");
		$this->addElement($l_passwordInput);
		$l_submit=new HTML_QuickForm_submit("submit");
		$l_submit->setValue("OK");
		$this->addElement($l_submit);
		
		$l_hiddenBackUrl=new HTML_QuickForm_hidden("backUrl");
		$l_hiddenBackUrl->setValue($_REQUEST[BACK_URL]);
		$this->addElement($l_hiddenBackUrl);
		
		//The validation rules (either client and server)
		$this->addRule("login","Login must not be empty","required",null,"client");
		$this->addRule("login","Login must be a valid e-mail address","email",null,"client");
		$this->addRule("password","Password must not be empty","required",null,"client");
		$this->addRule("login","Login must not be empty","required",null,"server");
		$this->addRule("login","Login must be a valid e-mail address","email",null,"server");
		$this->addRule("password","Password must not be empty","required",null,"server");
		$this->applyFilter("login","trim");
		$this->applyFilter("login","strtolower");
		$this->applyFilter("password","trim");
		
        $this->setDefaultAction("submit");
    }
}


/**
 * We subclass the default 'display' handler to customize the output
 */
class ActionDisplay extends HTML_QuickForm_Action_Display{
    function _renderForm($page){
    	displayTop("Login process",null,null);
    	echo "<center>";
        $page->display();
        echo "</center>";
        displayBottom();
    }
}

/**
 * Action to be called after a submit action.
 * Check the login/password
 */
class ActionProcess extends HTML_QuickForm_Action{
    function perform($page){
    	$l_login=$page->exportValue("login");
    	$l_password=$page->exportValue("password");
    	
    	//Check password
    	$l_record=User::getFromCustomCriteria("WHERE email=:email and isActive=:isActive",array("email" => $l_login,"isActive" => true));
    	if(count($l_record)==0){
    		//User cannot be found in the database
    		displayError("Unknown user");
    	}else{
    		$l_user=array_shift($l_record);
    		if(sha1($l_password) != $l_user->getCredentials()){
	    		//Specific password is invalid
	    		displayError("Invalid credentials");
	    	}else{
	    		manageSession($l_user, $page->exportValue("backUrl"));
	    	}
    	}
    }
}

$controller =new HTML_QuickForm_Controller('LoginProcess', false);
$l_remoteUser=$_SERVER["REMOTE_USER"];
if(isset($l_remoteUser) && strrpos($l_remoteUser, "@")){
	$controller->setDefaults(array("login" => $l_remoteUser));
}
$controller->addPage(new LoginPage('login'));

$controller->addAction('display', new ActionDisplay());
$controller->addAction('process', new ActionProcess());
$controller->addAction('submit', new HTML_QuickForm_Action_Submit());

$controller->run();
?>